package com.xin.service;

import com.xin.pojo.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/**
 * @Author 夜天
 * @Date 2021/12/20 17:35
 * @Version 1.0.0
 * @description： 用户登录安全校验服务
 */
public class SpringSecurityUserServicePro implements UserDetailsService {
    // 注入密码加密对象
    @Autowired
    private BCryptPasswordEncoder bCryptPasswordEncoder;
    // 模拟数据库中的用户数据
    public  static Map<String, User> map = new HashMap<>();
    public void initUserData(){
            User user1 = new User();
            user1.setUsername("admin");
            // 使用Bcrypt加密数据
            user1.setPassword(bCryptPasswordEncoder.encode("admin"));

            User user2 = new User();
            user2.setUsername("xiaoming");
            user2.setPassword(bCryptPasswordEncoder.encode("1234"));

            map.put(user1.getUsername(),user1);
            map.put(user2.getUsername(),user2);

    }
    /**
     * 根据用户名加载用户信息
     * @param username
     * @return UserDetails
     * @throws UsernameNotFoundException
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        // 根据用户名查询数据库获取用户信息
        User userInDB = map.get(username);
        if(userInDB == null){
            // 用户不存在
            return null;
        }else {
            //将用户信息返回给框架
            //框架会进行密码比对(页面提交的密码和数据库中查询的密码进行比对)
            List<GrantedAuthority> list = new ArrayList<>();
            //为当前登录用户授权,后期需要改为从数据库查询当前用户对应的权限
            list.add(new SimpleGrantedAuthority("permission_A"));//授权
            list.add(new SimpleGrantedAuthority("permission_B"));

            if(username.equals("admin")){
                list.add(new SimpleGrantedAuthority("ROLE_ADMIN"));//授予角色
                list.add(new SimpleGrantedAuthority("add"));//授权
            }
            org.springframework.security.core.userdetails.User securityUser =
                    new org.springframework.security.core.userdetails.User(username,userInDB.getPassword(),list);
            return securityUser;
        }
        /*
        //模拟数据库中的密码
        String passwordInDB = userInDB.getGender();
        //授权，后期需要改为查询数据库动态获得用户拥有的权限和角色
        List<GrantedAuthority> list = new ArrayList<>();
        list.add(new SimpleGrantedAuthority("add"));
        list.add(new SimpleGrantedAuthority("delete"));
        list.add(new SimpleGrantedAuthority("ROLE_ADMIN"));

        UserDetails user = (UserDetails) new User(username,passwordInDB,list);
        return user;
        */

    }
}
